Loading drivers/platform/msm/ipa/ipa_v2/ipa_nat.c +13 −0 Original line number Original line Diff line number Diff line Loading @@ -327,14 +327,18 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) size_t tmp; size_t tmp; gfp_t flag = GFP_KERNEL | (ipa_ctx->use_dma_zone ? GFP_DMA : 0); gfp_t flag = GFP_KERNEL | (ipa_ctx->use_dma_zone ? GFP_DMA : 0); mutex_lock(&ipa_ctx->nat_mem.lock); if (!ipa_ctx->nat_mem.is_dev_init) { if (!ipa_ctx->nat_mem.is_dev_init) { IPAERR_RL("Nat table not initialized\n"); IPAERR_RL("Nat table not initialized\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } IPADBG("\n"); IPADBG("\n"); if (init->table_entries == 0) { if (init->table_entries == 0) { IPADBG("Table entries is zero\n"); IPADBG("Table entries is zero\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading @@ -342,6 +346,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) if (init->ipv4_rules_offset > if (init->ipv4_rules_offset > (UINT_MAX - (TBL_ENTRY_SIZE * (init->table_entries + 1)))) { (UINT_MAX - (TBL_ENTRY_SIZE * (init->table_entries + 1)))) { IPAERR_RL("Detected overflow\n"); IPAERR_RL("Detected overflow\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } /* Check Table Entry offset is not /* Check Table Entry offset is not Loading @@ -354,6 +359,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", init->ipv4_rules_offset, (init->table_entries + 1), init->ipv4_rules_offset, (init->table_entries + 1), tmp, ipa_ctx->nat_mem.size); tmp, ipa_ctx->nat_mem.size); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading @@ -361,6 +367,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) if (init->expn_rules_offset > if (init->expn_rules_offset > UINT_MAX - (TBL_ENTRY_SIZE * init->expn_table_entries)) { UINT_MAX - (TBL_ENTRY_SIZE * init->expn_table_entries)) { IPAERR_RL("Detected overflow\n"); IPAERR_RL("Detected overflow\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } /* Check Expn Table Entry offset is not /* Check Expn Table Entry offset is not Loading @@ -373,6 +380,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", init->expn_rules_offset, init->expn_table_entries, init->expn_rules_offset, init->expn_table_entries, tmp, ipa_ctx->nat_mem.size); tmp, ipa_ctx->nat_mem.size); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading @@ -380,6 +388,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) if (init->index_offset > if (init->index_offset > UINT_MAX - (INDX_TBL_ENTRY_SIZE * (init->table_entries + 1))) { UINT_MAX - (INDX_TBL_ENTRY_SIZE * (init->table_entries + 1))) { IPAERR_RL("Detected overflow\n"); IPAERR_RL("Detected overflow\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } /* Check Indx Table Entry offset is not /* Check Indx Table Entry offset is not Loading @@ -392,6 +401,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", init->index_offset, (init->table_entries + 1), init->index_offset, (init->table_entries + 1), tmp, ipa_ctx->nat_mem.size); tmp, ipa_ctx->nat_mem.size); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading @@ -399,6 +409,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) if (init->index_expn_offset > if (init->index_expn_offset > (UINT_MAX - (INDX_TBL_ENTRY_SIZE * init->expn_table_entries))) { (UINT_MAX - (INDX_TBL_ENTRY_SIZE * init->expn_table_entries))) { IPAERR_RL("Detected overflow\n"); IPAERR_RL("Detected overflow\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } /* Check Expn Table entry offset is not /* Check Expn Table entry offset is not Loading @@ -411,6 +422,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", init->index_expn_offset, init->expn_table_entries, init->index_expn_offset, init->expn_table_entries, tmp, ipa_ctx->nat_mem.size); tmp, ipa_ctx->nat_mem.size); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading Loading @@ -559,6 +571,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) free_nop: free_nop: kfree(reg_write_nop); kfree(reg_write_nop); bail: bail: mutex_unlock(&ipa_ctx->nat_mem.lock); return result; return result; } } Loading drivers/platform/msm/ipa/ipa_v3/ipa_nat.c +12 −0 Original line number Original line Diff line number Diff line Loading @@ -839,19 +839,24 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPADBG("\n"); IPADBG("\n"); mutex_lock(&ipa3_ctx->nat_mem.dev.lock); if (!ipa3_ctx->nat_mem.dev.is_mapped) { if (!ipa3_ctx->nat_mem.dev.is_mapped) { IPAERR_RL("attempt to init %s before mmap\n", IPAERR_RL("attempt to init %s before mmap\n", ipa3_ctx->nat_mem.dev.name); ipa3_ctx->nat_mem.dev.name); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return -EPERM; return -EPERM; } } if (init->tbl_index >= 1) { if (init->tbl_index >= 1) { IPAERR_RL("Unsupported table index %d\n", init->tbl_index); IPAERR_RL("Unsupported table index %d\n", init->tbl_index); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return -EPERM; return -EPERM; } } if (init->table_entries == 0) { if (init->table_entries == 0) { IPAERR_RL("Table entries is zero\n"); IPAERR_RL("Table entries is zero\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return -EPERM; return -EPERM; } } Loading @@ -862,6 +867,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAHAL_NAT_IPV4); IPAHAL_NAT_IPV4); if (result) { if (result) { IPAERR_RL("Bad params for NAT base table\n"); IPAERR_RL("Bad params for NAT base table\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading @@ -872,6 +878,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAHAL_NAT_IPV4); IPAHAL_NAT_IPV4); if (result) { if (result) { IPAERR_RL("Bad params for NAT expansion table\n"); IPAERR_RL("Bad params for NAT expansion table\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading @@ -882,6 +889,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAHAL_NAT_IPV4_INDEX); IPAHAL_NAT_IPV4_INDEX); if (result) { if (result) { IPAERR_RL("Bad params for index table\n"); IPAERR_RL("Bad params for index table\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading @@ -892,6 +900,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAHAL_NAT_IPV4_INDEX); IPAHAL_NAT_IPV4_INDEX); if (result) { if (result) { IPAERR_RL("Bad params for index expansion table\n"); IPAERR_RL("Bad params for index expansion table\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading Loading @@ -925,6 +934,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) result = ipa3_nat_send_init_cmd(&cmd, false); result = ipa3_nat_send_init_cmd(&cmd, false); if (result) { if (result) { IPAERR("Fail to send NAT init immediate command\n"); IPAERR("Fail to send NAT init immediate command\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading @@ -950,6 +960,8 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) ipa3_ctx->nat_mem.index_table_expansion_addr); ipa3_ctx->nat_mem.index_table_expansion_addr); ipa3_ctx->nat_mem.dev.is_hw_init = true; ipa3_ctx->nat_mem.dev.is_hw_init = true; mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); IPADBG("return\n"); IPADBG("return\n"); return 0; return 0; } } Loading Loading
drivers/platform/msm/ipa/ipa_v2/ipa_nat.c +13 −0 Original line number Original line Diff line number Diff line Loading @@ -327,14 +327,18 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) size_t tmp; size_t tmp; gfp_t flag = GFP_KERNEL | (ipa_ctx->use_dma_zone ? GFP_DMA : 0); gfp_t flag = GFP_KERNEL | (ipa_ctx->use_dma_zone ? GFP_DMA : 0); mutex_lock(&ipa_ctx->nat_mem.lock); if (!ipa_ctx->nat_mem.is_dev_init) { if (!ipa_ctx->nat_mem.is_dev_init) { IPAERR_RL("Nat table not initialized\n"); IPAERR_RL("Nat table not initialized\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } IPADBG("\n"); IPADBG("\n"); if (init->table_entries == 0) { if (init->table_entries == 0) { IPADBG("Table entries is zero\n"); IPADBG("Table entries is zero\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading @@ -342,6 +346,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) if (init->ipv4_rules_offset > if (init->ipv4_rules_offset > (UINT_MAX - (TBL_ENTRY_SIZE * (init->table_entries + 1)))) { (UINT_MAX - (TBL_ENTRY_SIZE * (init->table_entries + 1)))) { IPAERR_RL("Detected overflow\n"); IPAERR_RL("Detected overflow\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } /* Check Table Entry offset is not /* Check Table Entry offset is not Loading @@ -354,6 +359,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", init->ipv4_rules_offset, (init->table_entries + 1), init->ipv4_rules_offset, (init->table_entries + 1), tmp, ipa_ctx->nat_mem.size); tmp, ipa_ctx->nat_mem.size); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading @@ -361,6 +367,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) if (init->expn_rules_offset > if (init->expn_rules_offset > UINT_MAX - (TBL_ENTRY_SIZE * init->expn_table_entries)) { UINT_MAX - (TBL_ENTRY_SIZE * init->expn_table_entries)) { IPAERR_RL("Detected overflow\n"); IPAERR_RL("Detected overflow\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } /* Check Expn Table Entry offset is not /* Check Expn Table Entry offset is not Loading @@ -373,6 +380,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", init->expn_rules_offset, init->expn_table_entries, init->expn_rules_offset, init->expn_table_entries, tmp, ipa_ctx->nat_mem.size); tmp, ipa_ctx->nat_mem.size); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading @@ -380,6 +388,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) if (init->index_offset > if (init->index_offset > UINT_MAX - (INDX_TBL_ENTRY_SIZE * (init->table_entries + 1))) { UINT_MAX - (INDX_TBL_ENTRY_SIZE * (init->table_entries + 1))) { IPAERR_RL("Detected overflow\n"); IPAERR_RL("Detected overflow\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } /* Check Indx Table Entry offset is not /* Check Indx Table Entry offset is not Loading @@ -392,6 +401,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", init->index_offset, (init->table_entries + 1), init->index_offset, (init->table_entries + 1), tmp, ipa_ctx->nat_mem.size); tmp, ipa_ctx->nat_mem.size); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading @@ -399,6 +409,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) if (init->index_expn_offset > if (init->index_expn_offset > (UINT_MAX - (INDX_TBL_ENTRY_SIZE * init->expn_table_entries))) { (UINT_MAX - (INDX_TBL_ENTRY_SIZE * init->expn_table_entries))) { IPAERR_RL("Detected overflow\n"); IPAERR_RL("Detected overflow\n"); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } /* Check Expn Table entry offset is not /* Check Expn Table entry offset is not Loading @@ -411,6 +422,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", IPAERR_RL("offset:%d entrys:%d size:%zu mem_size:%zu\n", init->index_expn_offset, init->expn_table_entries, init->index_expn_offset, init->expn_table_entries, tmp, ipa_ctx->nat_mem.size); tmp, ipa_ctx->nat_mem.size); mutex_unlock(&ipa_ctx->nat_mem.lock); return -EPERM; return -EPERM; } } Loading Loading @@ -559,6 +571,7 @@ int ipa2_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) free_nop: free_nop: kfree(reg_write_nop); kfree(reg_write_nop); bail: bail: mutex_unlock(&ipa_ctx->nat_mem.lock); return result; return result; } } Loading
drivers/platform/msm/ipa/ipa_v3/ipa_nat.c +12 −0 Original line number Original line Diff line number Diff line Loading @@ -839,19 +839,24 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPADBG("\n"); IPADBG("\n"); mutex_lock(&ipa3_ctx->nat_mem.dev.lock); if (!ipa3_ctx->nat_mem.dev.is_mapped) { if (!ipa3_ctx->nat_mem.dev.is_mapped) { IPAERR_RL("attempt to init %s before mmap\n", IPAERR_RL("attempt to init %s before mmap\n", ipa3_ctx->nat_mem.dev.name); ipa3_ctx->nat_mem.dev.name); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return -EPERM; return -EPERM; } } if (init->tbl_index >= 1) { if (init->tbl_index >= 1) { IPAERR_RL("Unsupported table index %d\n", init->tbl_index); IPAERR_RL("Unsupported table index %d\n", init->tbl_index); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return -EPERM; return -EPERM; } } if (init->table_entries == 0) { if (init->table_entries == 0) { IPAERR_RL("Table entries is zero\n"); IPAERR_RL("Table entries is zero\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return -EPERM; return -EPERM; } } Loading @@ -862,6 +867,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAHAL_NAT_IPV4); IPAHAL_NAT_IPV4); if (result) { if (result) { IPAERR_RL("Bad params for NAT base table\n"); IPAERR_RL("Bad params for NAT base table\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading @@ -872,6 +878,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAHAL_NAT_IPV4); IPAHAL_NAT_IPV4); if (result) { if (result) { IPAERR_RL("Bad params for NAT expansion table\n"); IPAERR_RL("Bad params for NAT expansion table\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading @@ -882,6 +889,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAHAL_NAT_IPV4_INDEX); IPAHAL_NAT_IPV4_INDEX); if (result) { if (result) { IPAERR_RL("Bad params for index table\n"); IPAERR_RL("Bad params for index table\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading @@ -892,6 +900,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) IPAHAL_NAT_IPV4_INDEX); IPAHAL_NAT_IPV4_INDEX); if (result) { if (result) { IPAERR_RL("Bad params for index expansion table\n"); IPAERR_RL("Bad params for index expansion table\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading Loading @@ -925,6 +934,7 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) result = ipa3_nat_send_init_cmd(&cmd, false); result = ipa3_nat_send_init_cmd(&cmd, false); if (result) { if (result) { IPAERR("Fail to send NAT init immediate command\n"); IPAERR("Fail to send NAT init immediate command\n"); mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); return result; return result; } } Loading @@ -950,6 +960,8 @@ int ipa3_nat_init_cmd(struct ipa_ioc_v4_nat_init *init) ipa3_ctx->nat_mem.index_table_expansion_addr); ipa3_ctx->nat_mem.index_table_expansion_addr); ipa3_ctx->nat_mem.dev.is_hw_init = true; ipa3_ctx->nat_mem.dev.is_hw_init = true; mutex_unlock(&ipa3_ctx->nat_mem.dev.lock); IPADBG("return\n"); IPADBG("return\n"); return 0; return 0; } } Loading
